serial_number of Japanese Personal Number cannot be revealed

Issue #1289 closed
Kosuke Koiwai created an issue

The Japanese National Personal Number system restricts the use of the serial number of the certificate, and the number can only be handled by companies certified by the government. Thus, this field should be OPTIONAL or allow the use of a ppid-ish number that the IdP assigns to the person/certificate.

5.1.1.5. Evidence Type electronic_signature
`serial_number`: REQUIRED. String containing the serial number of the certificate used to sign.

Comments (6)

  1. Kosuke Koiwai reporter

    The Japanese Personal Number has even stricter usage limitations (taxation, disaster prevention, welfare, etc.)

  2. Mark Haine

    How can we resolve this issue, Kosuke? It seems to me that implementers should know whether they are able to include specific attributes or not.

    In this specific part of the draft spec it will be up to implementers whether they use a given certificate type or not.

  3. Kosuke Koiwai reporter

    I pondered again, and I think I would close the issue as I think in a trust framework where serial_number cannot be provided, evidence would not need to be conveyed anyway.
